How to sign a message on cold storage wallet address?

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: kahc on December 15, 2017, 11:25:51 AM

Quote from: IGCGamers on December 15, 2017, 11:05:47 AM

Quote from: kahc on December 15, 2017, 10:58:12 AM

Quote from: IGCGamers on December 15, 2017, 10:35:55 AM

Quote from: IGCGamers on December 15, 2017, 10:17:19 AM

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

I think you misunderstood what i asked. I know that i can copy the text file to a USB and move it to the online computer. But how to sync that to the network? If i sign from an offline machine, it will not be synced to the network right? How to make the signature message public?

Should i not make that signed message public on the internet?

Please clarify this

Signed messages are just mathematical scheme for demonstrating the authenticity of digital messages and bitcoin address. The signed message is pure math and not dependent on the internet, and also "not synchronizable".

If you gave someone your signed message, that person can verify it using for example https://chainquery.com/bitcoin-api/verifymessage

If you want to distribute the signed message on the internet, you have to post or publish the signed message yourself.

Thank you for making it very clear. So if i just sign a message from an offline machine using electrum and give the signed message to others, they can still verify it. Am i right?

Please confirm my above understanding..

Apart from this i have another doubt.

If i just run the electrum wallet on an offline computer (which is never connected to internet or will never be connected to internet), is the wallet safe? Are there any possibilities of hacking that wallet? Can any one steal bitcoin from that wallet, if its completely offline?

Yes, signed messages can be created offline and someone else can verify it offline/online on the other side of the world.
You can try it yourself, create a signed message on an offline computer. Then use another online computer, go to https://chainquery.com/bitcoin-api/verifymessage and type in the details, and it will verify.

If your computer is 100% offline all the time. To steal your bitcoin, someone will need to break into your house, steal your computer and then attempt to brute-force your wallet. If your password is more than a few characters long, it will take years/decades/millenium/infinite to crack it. So pretty safe.
Other more advanced method is to infect your USB, and when you connect the USB to the offline computer, it will attempt to steal you private key( this kind of targeted attack is more common on high-value target.) and when you connect back to the online computer it will try to send your private key to the hacker.

Thank you so much for all the clear information. I have got to know what i wanted to know. Thank you once again.. Ill not be using the usb connected to the offline computer to another online computer. So, i am safe.

I am closing this thread now as my clarifications are cleared...

kahc

member

Activity: 350

Merit: 13

Quote from: IGCGamers on December 15, 2017, 11:05:47 AM

Quote from: kahc on December 15, 2017, 10:58:12 AM

Quote from: IGCGamers on December 15, 2017, 10:35:55 AM

Quote from: IGCGamers on December 15, 2017, 10:17:19 AM

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

I think you misunderstood what i asked. I know that i can copy the text file to a USB and move it to the online computer. But how to sync that to the network? If i sign from an offline machine, it will not be synced to the network right? How to make the signature message public?

Should i not make that signed message public on the internet?

Please clarify this

Signed messages are just mathematical scheme for demonstrating the authenticity of digital messages and bitcoin address. The signed message is pure math and not dependent on the internet, and also "not synchronizable".

If you gave someone your signed message, that person can verify it using for example https://chainquery.com/bitcoin-api/verifymessage

If you want to distribute the signed message on the internet, you have to post or publish the signed message yourself.

Thank you for making it very clear. So if i just sign a message from an offline machine using electrum and give the signed message to others, they can still verify it. Am i right?

Please confirm my above understanding..

Apart from this i have another doubt.

If i just run the electrum wallet on an offline computer (which is never connected to internet or will never be connected to internet), is the wallet safe? Are there any possibilities of hacking that wallet? Can any one steal bitcoin from that wallet, if its completely offline?

Yes, signed messages can be created offline and someone else can verify it offline/online on the other side of the world.
You can try it yourself, create a signed message on an offline computer. Then use another online computer, go to https://chainquery.com/bitcoin-api/verifymessage and type in the details, and it will verify.

If your computer is 100% offline all the time. To steal your bitcoin, someone will need to break into your house, steal your computer and then attempt to brute-force your wallet. If your password is more than a few characters long, it will take years/decades/millenium/infinite to crack it. So pretty safe.
Other more advanced method is to infect your USB, and when you connect the USB to the offline computer, it will attempt to steal you private key( this kind of targeted attack is more common on high-value target.) and when you connect back to the online computer it will try to send your private key to the hacker.

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: kahc on December 15, 2017, 10:58:12 AM

Quote from: IGCGamers on December 15, 2017, 10:35:55 AM

Quote from: IGCGamers on December 15, 2017, 10:17:19 AM

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

I think you misunderstood what i asked. I know that i can copy the text file to a USB and move it to the online computer. But how to sync that to the network? If i sign from an offline machine, it will not be synced to the network right? How to make the signature message public?

Should i not make that signed message public on the internet?

Please clarify this

Signed messages are just mathematical scheme for demonstrating the authenticity of digital messages and bitcoin address. The signed message is pure math and not dependent on the internet, and also "not synchronizable".

If you gave someone your signed message, that person can verify it using for example https://chainquery.com/bitcoin-api/verifymessage

If you want to distribute the signed message on the internet, you have to post or publish the signed message yourself.

Thank you for making it very clear. So if i just sign a message from an offline machine using electrum and give the signed message to others, they can still verify it. Am i right?

Please confirm my above understanding..

Apart from this i have another doubt.

If i just run the electrum wallet on an offline computer (which is never connected to internet or will never be connected to internet), is the wallet safe? Are there any possibilities of hacking that wallet? Can any one steal bitcoin from that wallet, if its completely offline?

kahc

member

Activity: 350

Merit: 13

Quote from: IGCGamers on December 15, 2017, 10:35:55 AM

Quote from: IGCGamers on December 15, 2017, 10:17:19 AM

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

I think you misunderstood what i asked. I know that i can copy the text file to a USB and move it to the online computer. But how to sync that to the network? If i sign from an offline machine, it will not be synced to the network right? How to make the signature message public?

Should i not make that signed message public on the internet?

Please clarify this

Signed messages are just mathematical scheme for demonstrating the authenticity of digital messages and bitcoin address. The signed message is pure math and not dependent on the internet, and also "not synchronizable".

If you gave someone your signed message, that person can verify it using for example https://chainquery.com/bitcoin-api/verifymessage

If you want to distribute the signed message on the internet, you have to post or publish the signed message yourself.

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: IGCGamers on December 15, 2017, 10:17:19 AM

Quote from: kahc on December 15, 2017, 10:07:49 AM

Quote from: IGCGamers on December 15, 2017, 09:48:59 AM

Quote from: Thirdspace on December 08, 2017, 08:19:56 PM

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!
if you still have problems, come back here and feel free to ask or ask in that thread

I have ready the post and all the other places too. Every one says that i have to import the private keys to sign a message. I feel that is not a safe idea. I have the private key for a paper wallet. Is there any way to sign a message with time stamp on that wallet address without importing the private keys.

As an alternate i have an idea.. Please tell me if its good.

Ill sign a message from electrum in an online computer and disconnect it from internet after signing. Will that be safe?

After that if i share the wallet address to public(it is going to be a cold wallet), can people still hack the wallet?

Please share your views on it...

Yes you need the private key to sign a message, but I've never heard of any client that leaks the private key.
Don't you have an USB or something that you can use to transfer a file between computers? Open Electrum in an offline computer and sign the message. Then transfer the signed message to the online computer. Safe and easy.

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

I think you misunderstood what i asked. I know that i can copy the text file to a USB and move it to the online computer. But how to sync that to the network? If i sign from an offline machine, it will not be synced to the network right? How to make the signature message public?

Should i not make that signed message public on the internet?

Please clarify this

kahc

member

Activity: 350

Merit: 13

Quote from: IGCGamers on December 15, 2017, 10:17:19 AM

Quote from: kahc on December 15, 2017, 10:07:49 AM

Yes you need the private key to sign a message, but I've never heard of any client that leaks the private key.
Don't you have an USB or something that you can use to transfer a file between computers? Open Electrum in an offline computer and sign the message. Then transfer the signed message to the online computer. Safe and easy.

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

Like this:

Offline computer:
Open Electrum and sign the message.
After the message is signed, the signature field will be populated.

Now copy the content of 'message' , 'address' and 'signature' to a text file.
You can use this format:

Code:

[code]
-----BEGIN BITCOIN SIGNED MESSAGE-----
This is shorena from bitcointalk.org and today is 2015.03.14
or as some of you might write it 03/14/15 pi day 2015
-----BEGIN SIGNATURE-----
18uTXyQubfaYrkbQDdaXhzd2ALEY5YN77B
IFtLgDZCpvfw0DT70RCLcYXj3Dbjf68sc6pj/C+u5K6IC8PIhHE4Y/ldllt1/yhrZpVW/shFRf7rxQYdsW/CcBM=
-----END BITCOIN SIGNED MESSAGE-----

[/code]

Save the text file.
Insert an USB or connect your smartphone to the offline computer, and move the text file from offline computer to USB or smartphone.

Online computer:
Insert the USB or connect your phone to the online computer, and move the text file over.
Done.

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: kahc on December 15, 2017, 10:07:49 AM

Quote from: IGCGamers on December 15, 2017, 09:48:59 AM

Quote from: Thirdspace on December 08, 2017, 08:19:56 PM

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!
if you still have problems, come back here and feel free to ask or ask in that thread

I have ready the post and all the other places too. Every one says that i have to import the private keys to sign a message. I feel that is not a safe idea. I have the private key for a paper wallet. Is there any way to sign a message with time stamp on that wallet address without importing the private keys.

As an alternate i have an idea.. Please tell me if its good.

Ill sign a message from electrum in an online computer and disconnect it from internet after signing. Will that be safe?

After that if i share the wallet address to public(it is going to be a cold wallet), can people still hack the wallet?

Please share your views on it...

Yes you need the private key to sign a message, but I've never heard of any client that leaks the private key.
Don't you have an USB or something that you can use to transfer a file between computers? Open Electrum in an offline computer and sign the message. Then transfer the signed message to the online computer. Safe and easy.

Yeah i wanted to do that. But how to transfer the signed message to an online computer? Can you please tell me the steps to transfer the signed message to an online computer?

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: LoyceV on December 15, 2017, 10:01:52 AM

Quote from: IGCGamers on December 15, 2017, 09:52:31 AM

Let me do the entire process on a new computer that is not connected with internet and later let me format the computer... Is it good to do that?

This seems okay, but for the true paranoid (like me!) I wouldn't be satisfied with a quick format that can be unformatted. I'd want to zero the hard disk.

Thank you..

Quote

But is it really possible to sign a message without internet?

Yes. All you need to sign a message is the private key.

Even if i sign a message using the private key in an offline machine. How that can be relayed to the blockchain without the internet.

If i sign a message without internet, it cannot be synced with the network right? Please clarify

kahc

member

Activity: 350

Merit: 13

Quote from: IGCGamers on December 15, 2017, 09:48:59 AM

Quote from: Thirdspace on December 08, 2017, 08:19:56 PM

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!
if you still have problems, come back here and feel free to ask or ask in that thread

I have ready the post and all the other places too. Every one says that i have to import the private keys to sign a message. I feel that is not a safe idea. I have the private key for a paper wallet. Is there any way to sign a message with time stamp on that wallet address without importing the private keys.

As an alternate i have an idea.. Please tell me if its good.

Ill sign a message from electrum in an online computer and disconnect it from internet after signing. Will that be safe?

After that if i share the wallet address to public(it is going to be a cold wallet), can people still hack the wallet?

Please share your views on it...

Yes you need the private key to sign a message, but I've never heard of any client that leaks the private key.
Don't you have an USB or something that you can use to transfer a file between computers? Open Electrum in an offline computer and sign the message. Then transfer the signed message to the online computer. Safe and easy.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: IGCGamers on December 15, 2017, 09:52:31 AM

Let me do the entire process on a new computer that is not connected with internet and later let me format the computer... Is it good to do that?

This seems okay, but for the true paranoid (like me!) I wouldn't be satisfied with a quick format that can be unformatted. I'd want to zero the hard disk.

Quote

But is it really possible to sign a message without internet?

Yes. All you need to sign a message is the private key.

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: LoyceV on December 09, 2017, 03:12:23 AM

Quote from: Thirdspace on December 08, 2017, 08:19:56 PM

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!

The important part here is to keep the address "cold".

I've done this before:
1. Download Knoppix
2. Burn it onto a DVD
3. Reboot your computer from that DVD, unplug your internet, close your curtains
4. Start Electrum, import your private key, sign your message
5. DO NOT go online, write down the message, print it, or save it to a USB-stick
6. Turn off your computer, Knoppix runs entirely from memory, turning it off wipes it completely.

Instead of booting the computer using a dvd and keeping it disconnected from internet, can i not use the option below:

Let me do the entire process on a new computer that is not connected with internet and later let me format the computer... Is it good to do that?

But is it really possible to sign a message without internet?

IGCGamers

sr. member

Activity: 555

Merit: 251

Quote from: Thirdspace on December 08, 2017, 08:19:56 PM

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!
if you still have problems, come back here and feel free to ask or ask in that thread

I have ready the post and all the other places too. Every one says that i have to import the private keys to sign a message. I feel that is not a safe idea. I have the private key for a paper wallet. Is there any way to sign a message with time stamp on that wallet address without importing the private keys.

As an alternate i have an idea.. Please tell me if its good.

Ill sign a message from electrum in an online computer and disconnect it from internet after signing. Will that be safe?

After that if i share the wallet address to public(it is going to be a cold wallet), can people still hack the wallet?

Please share your views on it...

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Thirdspace on December 08, 2017, 08:19:56 PM

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!

The important part here is to keep the address "cold".

I've done this before:
1. Download Knoppix
2. Burn it onto a DVD
3. Reboot your computer from that DVD, unplug your internet, close your curtains
4. Start Electrum, import your private key, sign your message
5. DO NOT go online, write down the message, print it, or save it to a USB-stick
6. Turn off your computer, Knoppix runs entirely from memory, turning it off wipes it completely.

Thirdspace

hero member

Activity: 1232

Merit: 738

Mixing reinvented for your privacy | chipmixer.com

I assume you hold privkey on a paperwallet. read this post made by shorena: How to sign a message?!
if you still have problems, come back here and feel free to ask or ask in that thread

IGCGamers

sr. member

Activity: 555

Merit: 251

Hi,

I have a bitcoin cold wallet address and i want to sign a message with time stamp. Please tell me how to do it? Please do not make fun of me for asking such things.

Please tell me the step by step procedure.. I am new to this...

Topic: How to sign a message on cold storage wallet address? (Read 274 times)